Microsoft Puts Bounty on Worm-Maker's Head

By Bryan Chaffin

Feb 13th, 2009 5:50 PM EST

Microsoft announced Thursday that it was putting a bounty on the head of whomever made the Conficker/Downadup worm. The worm has infected as many as 12 million Windows PCs since the Fall of 2008, and Microsoft is offering US$250,000 for information that leads to the arrest and conviction of the those responsible.

The announcement was made by George Stathakopoulos, general manager of the Trustworthy Computing Group at Microsoft, who said issued a convoluted statement to the effect that Microsoft was looking to bring more tools and resources to bear on the security problems that beset the Windows platform.

Big Redmond issued a security patch for this particular worm in 2008, but Conficker has been able to spread through the millions of Windows systems that are not regularly updated. When it infects a Windows system, it disables auto updates and other security features and phones home to a central server for more instructions.

Those instructions can include the gathering of personal information off of the PC or the installation of additional malware. In other words, once installed, Conficker's controllers effectively own the PC infected. You can read more about Conficker at Wikipedia.

Microsoft last paid out reward money for a worm creator in 2005, according to the BBC. At that time, the company shelled out a quarter million dollars to two individuals for helping to identify the maker of the Sasser worm. Thursday's announcement of a new bounty for the Conficker worm is the first time since 2005 that Microsoft has offered such a bounty.